<?php
class Models_Acl extends Zend_Acl
{

	private $_acl = null;
	
	
	public function __construct()
	{
		//Roles
		$guestRole=new Zend_Acl_Role('guest');
		$customerRole=new Zend_Acl_Role('customer');
		$employeeRole=new Zend_Acl_Role("employee");
		$adminRole=new Zend_Acl_Role("admin"); 
		$this->addRole($guestRole);
		$this->addRole($customerRole, $guestRole);
		$this->addRole($employeeRole, $guestRole);
		$this->addRole($adminRole,$employeeRole);
		
		
		//Resources
		$this->add(new Zend_Acl_Resource('dish'));
		
		$this->allow("admin", "dish", array('index', 'create','delete'));
		$this->allow("employee", "dish", array('index', 'create'));
		$this->allow("customer", "dish", array('index'));

	}
	
	public function preDispatch(Zend_Controller_Request_Abstract $request) {
		
		$role = (Zend_Auth::getInstance()->hasIdentity())? 'admin': 'guest';
	
		$resource = $request->getControllerName();
	
		if(!$this->_acl->isAllowed($role, $resource, 'index')) {
			
			$request->setModuleName('')
			->setControllerName('account')
			->setActionName('login');
		}
	}
	
}